Meet the Authors: Olga Mack

Fundamentals of Smart Contract Security covers how blockchains function, design choices for smart contract development, common vulnerabilities, and best practices for writing smart contracts. This interview is one of a five-part series where we go behind the scenes and learn a bit more about the authors.

‍

Olga V. Mack is a strategist, nationally-recognized author, public speaker, and women’s advocate. As VP of Strategy at Quantstamp, her role is focused on moving the company towards its mission to achieve broader adoption of blockchain technology through smart contract security.

Olga’s day-to-day can include everything from educating about the importance of smart contract security to establishing partnerships with industry, community and governmental leaders. Before coming to Quantstamp, she held various roles at some major brands including ClearSlide, Zoosk, Visa, Wilson Sonsini, and Yahoo.

You have a really interesting background, including a law degree. How did you end up working for a blockchain application security company?

I have always been involved in the tech world and interested in cutting edge technology. As an intellectual property lawyer, security, and privacy lawyer, security has always been a major part of my professional life. As a certified privacy professional, I advised clients on this, and other related issues, for a long time. It was really this combination of experiences, interesting technology, and solving important security challenges that attracted me to the blockchain space.

I was initially drawn to Quantstamp’s mission, the impact of their work, and the talented people on the team. Ultimately it was a great fit, as I’ve been able to combine my experience as a lawyer and executive with my passion for security.

Olga, you recently presented at TEDxSanFrancisco where you describe yourself as being incredibly passionate about the intersection of blockchain strategy, leadership, and innovation. Why do you think there's such an opportunity there?

Blockchain is a backend solution. It’s most successful when it’s invisible. I often explain it’s like sewer pipes or electricity. Basically, if you’re not aware of them, then everything’s working as it should.

Blockchain is creating efficiencies - however, the long term potential is much bigger. In combination with other backend technologies, such as data, AI, and IoT, I am certain that it will transform our lives.

It’s a really exciting time for blockchain. While we can’t fix everything with blockchain, we have the opportunity to solve challenges that we’ve collectively deemed unsolvable.

The security component is also crucial. When you have an intersection of various tech and valuable assets, there’s an opportunity for criminals to take advantage of these assets. This makes it increasingly important to address security in blockchain. I’m confident that combining strategy, leadership, and innovation will help us work towards new solutions.

‍

With your experience in tech and blockchain, it's safe to say you're no stranger to the enterprise world. If there’s so much potential for smart contracts to change how we operate, what’s holding the enterprise market back from broader adoption?

It’s a complicated technology that is still in its infancy. A lot is experimental, and there's a lot of research, such as what’s coming out of the University of Waterloo, MIT, Berkeley, Stanford, and NUS.

I think that enterprises are really excited about it. Many of them are publicly or privately embracing its potential. They understand that it may change, that new tools may appear, and are excited to take advantage of its capabilities.

Ultimately, I see a natural progression that takes place as new tech is adopted. Being part of that building process is an important learning curve for enterprises. It’s also an opportunity to figure out where to research, develop, invest, partner, or acquire.

You helped facilitate the passage of two blockchain bills and helped train a California department. Why is a conversation with policymakers important to achieving Quantstamp’s mission?

Tech is so powerful and could have so many benefits to the public as a whole. We see governments in other regions leading innovation, embracing the opportunity to better the lives of their citizens. From my perspective, there is an unprecedented opportunity. This is the first time in history where the government doesn’t have to be sitting on the sidelines, but instead, can lead us in the right direction.

Security is an important issue for policymakers and it’s important to have a conversation around these issues. We want to help guide their efforts to make sure that we not only have a voice but that outcomes are visible, secure and available to all. Policymakers need to be educated and I am on a mission to help. The baseline of what’s normal is changing, and we want to ensure sound decisions are made.

Ultimately, why did you want to be part of writing Fundamentals of Smart Contract Security? What do you hope this book will accomplish?

In any enterprise, security is just like finance, legal practices, good customer service, well-trained sales departments, or competent engineers. It’s a critical component of any successful organization.

Of course, security isn’t a new challenge - it predates the internet. Advances in technology amplify security challenges. As more powerful technologies come, we come across new challenges. Criminals have the same access to technology as the rest of us. So solving security challenges in blockchain is crucial if we want to take advantage of this really powerful technology.

With this book, we really wanted to share the fundamentals of security with a broad audience, including enterprises. It’s already a major priority for any leading edge organization and will become increasingly important in the future. Armed with this important knowledge, companies are able to innovate thoughtfully, and most importantly, avoid jeopardizing their reputation, assets or relationships.

Quantstamp and MythX are very excited to support EthBerlin this year. If you're participating, come find us at the HelpDesk, your one-stop resource for any security-related inquiries. Need suggestions on more secure code implementations or advice on mitigating certain vulnerabilities? The HelpDesk is available round the clock to offer guidance and assistance throughout the hackathon.

Computer scientists say that a procedure is re-entrant if its execution can be interrupted in the middle, initiated over (re-entered), and both runs can complete without any errors in execution. In the context of Ethereum smart contracts, re-entrancy can lead to serious vulnerabilities.